JJ Luna's personal privacy blog. In 1959 he moved to Spain's Canary Islands to begin a then-illegal educational work that included secret meetings in remote mountain forests. Although pursued by General Franco's Secret Police, he maintained his privacy via a false identity and was never caught. When the Spanish dictator moderated Spain’s harsh laws in 1970, Luna was free to come in from the cold. However, he remains in the shadows to this day. He is currently an international privacy consultant.

Friday, August 31, 2012

Never list your mother’s maiden name as a security question when you open an account online

Although it seems obvious that no one should ever do that—it’s still being done every day because it’s “so easy to remember.” It also makes it possible for a hacker to get into your account, as was the case with the Sarah Palin e-mail hack by David Kernell, back in 2008. At the very least, choose a totally different name for your mother’s maiden name.

Personally, I prefer to give different answers to security questions for each account. This applies to ALL security questions, not just “What was your mother’s maiden name?" Use different answers for questions such as these: Where were you born? Where was your father born? What was the name of your first pet? Where did you first go to high school?

As for the password itself, never, ever use a real word, even if it’s in a foreign language. For detailed instructions on how to choose a secure password, see chapter 17 of How to be Invisible.

2 comments:

The thing is, there are so many passwords to remember and more then once I've totatly forgotten the password and lost access to the host forever. My solution has been to have one single answer to the question(s) every time. Less secure for sure, but the common (wo)man feels disempowered against the sophistication that there is out there, just hoping not to be targeted. Also, one needs to be dedicated to establishing and maintaining ones privacy and security, something that is discouraged in these times when a person-type has been developed who is deprived of all spiritual power and thus sovereigty, increasingly made dependent and trustful of authrorities, legal or otherwise.

The work JJ Luna is doing is therefore very worthy of praise and should be appreciated.